Cloud computing security involves measures to protect data, applications, and infrastructure stored in the cloud. Responsibility is shared between users and cloud providers. Security measures include access controls, identity management, encryption, and compliance controls. Cloud computing offers benefits like scalability, cost-effectiveness, and expertise from providers, but also security risks if not implemented properly.

1. Assignment Title: Cloud computing and its security
Coursework Type: Individual
Module Name: ST4059CEM Legal And Ethical
Foundations In Cyber Security Submitted By:
CU ID:
College ID: 220361
Submitted To: Name: Pratik Shrestha
Name: Adhisthan Gurung ABTRACTIONS
Cloud computing security refers to the measures and controls put in place to protect data, applications,
and infrastructure in a cloud environment. The responsibility of ensuring cloud computing security is
shared between the user and the cloud service provider. Different types of cloud environments include
public, private, hybrid, and community clouds. Security measures that can be implemented include
access controls, identity and access management, data encryption, network security, vulnerability
management, and compliance controls. Advantages of cloud computing security include scalability, cost-
effectiveness, flexibility, continuous monitoring, automatic updates, and expertise provided by cloud
security providers.
KEYWORDS
Cloud computing security, measures, controls, technologies, protect, information, applications,
infrastructure, cloud environment, safeguarding, unauthorized access, use, disclosure, disruption,
alteration, destruction, data, stored, compliance, regulations, cloud service provider, user, shared
responsibility, securing underlying infrastructure, securing own data, access, cloud, data encryption,
secure access control, network security, incident management, disaster recovery planning, types of
cloud environments, public cloud, infrastructure, services, general public, internet, Amazon Web
Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), private cloud, single organization,
typically operated on-premises, secure data center, hybrid cloud, combination, public and private cloud
environments, organization, benefits, sensitive workloads, community cloud, shared by multiple
organizations, specific community, shared concerns, security, compliance, jurisdiction, security
measures, access restrictions, identity and access management (IAM) controls, control access levels,
manage identities, people, devices, use cloud services, network security, guard against unwanted
access, attacks, cloud infrastructure, data, vulnerability management, stop assaults, find and fix
vulnerabilities, compliance and regulatory controls, benefits, scalability, cost-effectiveness, flexibility,
continuous monitoring, automatic updates, expertise, cloud security providers, address security
challenges

2. Outline
1. Introduction …………………………………………………………………………... 4
2. Types of cloud
3. SECURITY MEASURES
4. Advantages and Disadvantages of cloud computing
5. SUMMARY
INTRODUCTIONS
Cloud computing security is the set of measures, controls and technologies put in place to protect
information, applications, and infrastructure in a cloud environment. This includes safeguarding against
unauthorized access, use, disclosure, disruption, alteration or destruction of data stored on cloud. It also
includes ensuring compliance with regulations. Both the cloud service provider and the user share the
responsibility of ensuring cloud computing security. The provider is responsible for securing the
underlying infrastructure, while the user is responsible for securing their own data and access to the
cloud. It encompasses various aspects such as data encryption, secure access control, network security,
incident management, and disaster recovery planning.
There are various types of cloud environments, such as:
1. Public cloud: Public cloud, a type of cloud computing environment, provides infrastructure and
services that are easily accessible to the general public via the internet. This means that anyone can
access and use these resources without the need for special permissions or contracts. Leading providers
of public cloud services include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud
Platform (GCP). These providers offer a wide range of services such as virtual machines, storage,
databases, and networking which can be easily provisioned and scaled as needed. Ease of access and
scalability are major benefits of using public cloud. Public cloud providers typically offer a self-service
model, allowing customers to easily provision and manage resources without the need for IT support.
This makes it a great option for businesses of all sizes, as they can easily scale their resources up or
down as needed.
2. Private cloud: A private cloud is a type of cloud computing that combines the benefits of public
clouds, such as scalability and self-service, with added control, security, and privacy. Unlike
public clouds, which are managed by third-party providers, a private cloud's infrastructure and
services are typically owned and operated by the organization that uses them. This allows the
organization to have more control over the security and configuration of the cloud
environment, and to ensure that data and applications hosted in the cloud are kept secure.

3. Key features of a private cloud include:
a. Dedicated resources: The servers, storage, and networking used in a private cloud are usually
dedicated to the organization that owns them, providing more control over performance and
capacity.
b. Enhanced security: A private cloud is typically located on-premises or within a secure data
center, offering a higher level of security than a public cloud.
c. Compliance options: A private cloud can be configured to meet specific compliance
requirements, such as data privacy regulations.
d. Customization: A private cloud can be tailored to the specific needs of the organization, with
custom APIs or specialized management tools.It's important to note that private clouds can be more
costly to set up and maintain than public clouds, and they may also be more complex to
manage. Organizations should carefully evaluate their needs and resources before deciding to
implement a private cloud.
3. Hybrid cloud: A hybrid cloud is a type of computing environment that combines the use of both
private and public cloud resources. This allows organizations to run certain workloads on a
public cloud while utilizing a private cloud for others. By using a hybrid cloud strategy,
companies can take advantage of the benefits offered by public clouds such as scalability, cost-
efficiency, and flexibility while also maintaining the security, control, and compliance options of
a private cloud.
Key characteristics of a hybrid cloud include:
Flexibility: A hybrid cloud allows businesses to choose the best environment for each workload,
whether it's on-premises, in the public cloud, or in a private cloud. This can help businesses
optimize the use of their resources and improve overall efficiency.
4. Multi clouds: Multi-cloud is a cloud computing strategy in which an organization uses multiple
cloud services from different providers, rather than relying on a single provider. Multi-cloud
offers several benefits such as increased flexibility, reduced vendor lock-in, improved cost
management, better disaster recovery and enhanced security. However, it also poses
challenges such as complexity in management, security, compliance and integration. Therefore,
it is essential for organizations to have a well-planned strategy and a dedicated team to
effectively manage multi-cloud deployments.
In summary, Multi-cloud is a cloud computing strategy that allows businesses to use multiple cloud
services from various providers. It offers benefits such as increased flexibility, reduced vendor
lock-in and improved cost management, but it also poses challenges such as complexity in
management,

4. security, compliance and integration. A well-planned strategy and a dedicated team are essential
for effectively managing multi-cloud deployments.
SECURITY MEASURES
There are several types of security measures that can be implemented in cloud computing
environments, including:
1.Cloud computing environments require a range of security measures to protect data and resources.
Access restrictions are controls and limitations that determine who can access the cloud network. This
can include user authentication and authorization, which verify the identity of users and ensure they
have the necessary permissions to access the data. Firewalls, intrusion detection systems, and intrusion
prevention systems are also used to secure the network. They monitor network traffic and block
unauthorized access attempts.
2.Identity and Access Management (IAM) controls are used to manage user identities and access levels
to cloud services. This involves creating user accounts and assigning permissions to users. Single sign-on
(SSO) and multi-factor authentication (MFA) tools can also be used to provide safe access to the cloud
services. SSO allows users to access multiple cloud services with one set of login credentials, while MFA
adds an extra layer of security by requiring users to provide multiple forms of identification.
3.Data encryption is another important security measure in cloud computing environments. Encrypting
data before it is stored ensures that it is protected both in transit and at rest. This is

5. particularly important for sensitive information, such as financial data or personal
information, as it prevents unauthorized access to the data even if it is intercepted or stolen.
ADVANTAGES OF CLOUD COMPUTING
Benefits of cloud computing security include:
1. Scalability: Cloud computing allows businesses to easily scale their resources up or down as
needed to accommodate changes in demand or usage. This can be particularly beneficial
for organizations that experience cyclical or seasonal fluctuations in usage.
2. Cost-efficiency: Cloud computing eliminates the need for businesses to invest in costly
hardware and infrastructure, making it a more cost-effective solution than traditional on-
premises options. The costs associated with maintaining and upgrading hardware are also
reduced.
3. Flexibility: Cloud computing enables organizations to quickly access and utilize a wide range
of services and resources from any location with an internet connection. This allows for
greater flexibility in terms of remote working and expanding into new markets.
4. Continuous monitoring: Cloud computing service providers often provide tools and services
that enable continuous monitoring and logging of activities, which can speed up the
detection and response to security incidents by businesses.
5. Automatic updates: Cloud computing providers automatically receive updates and patches,
ensuring that the latest security measures are always in place.
6. Expertise: Cloud computing companies have expertise in securing the cloud environment
and can assist businesses with security issues.

6. 7. Improved disaster recovery: Cloud computing providers often provide disaster recovery
solutions that can help organizations quickly restore access to data and applications in
the event of an outage or other disaster.
8. Improved collaboration: Cloud computing enables multiple users to work on the same data,
documents, and projects, improving collaboration and productivity.
9.
Disadvantage of cloud computing Cons of cloud computing include:
1. Security risks: Storing data and running applications on a third-party's servers may raise security
concerns. Businesses may be at risk of data breaches, unauthorized access, and loss of control over
their data.
2. Internet connection dependency: Cloud computing relies on a stable and fast internet
connection. In the event of an internet outage, access to data and applications may be lost.
3. Limited control over service: Organizations may have limited control over the configuration and
management of the cloud services they use. This can make it difficult to customize the service
to meet specific business needs.

7. 4. Limited ability to audit: Organizations may have limited ability to audit the cloud service
provider's security and compliance practice
5. Compliance and regulatory issues: Some industries have specific compliance and
regulatory requirements that may not be fully supported by all cloud service providers.
BET CLOUD PROVIDERS
SUMMARY
Cloud computing technology enables enterprises to utilize servers owned and maintained by a
third- party provider to store, process, and run applications remotely. This offers many benefits
such as scalability, cost efficiency, accessibility, and improved collaboration. However, it also poses
security challenges.

8. Securing cloud computing environments is vital as it helps protect sensitive information and data that
is stored and processed in the cloud. This includes personal information, financial data, confidential
business information, and other sensitive data that must be protected from unauthorized access,
misuse, and disclosure. Many organizations also place a high importance on compliance with
regulatory requirements.